package top.wilsonlv.jaguar.oauth2.security.config;

import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.annotation.Order;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import top.wilsonlv.jaguar.oauth2.security.Oauth2SecurityConstant;
import top.wilsonlv.jaguar.oauth2.security.component.FeignServerSecurityFilter;


/**
 * @author lvws
 * @since 2021/7/26
 */
@Order(2)
@Configuration
@RequiredArgsConstructor
public class FeignServerSecurityConfigurer extends WebSecurityConfigurerAdapter {

    private final FeignServerSecurityFilter feignServerSecurityFilter;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.antMatcher(Oauth2SecurityConstant.FEIGN_URL_PREFIX + "/**")
                .authorizeRequests()
                .anyRequest().permitAll()
                .and()
                .addFilterBefore(feignServerSecurityFilter, UsernamePasswordAuthenticationFilter.class)
                .cors()
                .and().csrf().disable()
                .headers().frameOptions().disable();
    }

}
